<?php
/**
 * Created by PhpStorm.
 * User: C。
 * Date: 2019/8/13
 * Time: 9:04
 */
namespace app\home\controller;

use app\common\model\CompanyGongdengOrder as CompanyGongdengOrderModel;
use app\common\model\Recharge as RechargeModel;
use app\common\model\Company as CompanyModel;
use app\common\model\Config as ConfigModel;
use think\Controller;

/**
 * 支付回调控制器
 * Class Login
 * @package app\home\controller
 */
class Notifyurl extends Controller
{
    public function url()
    {
        $model = new CompanyGongdengOrderModel;
        $rmodel = new RechargeModel;
        $cmodel = new CompanyModel;
        //获取接口数据，如果$_REQUEST拿不到数据，则使用file_get_contents函数获取
        $post = input('param.');
        if ($post == null) {
            $post = file_get_contents("php://input");
        }

        if ($post == null) {
            $post = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';
        }

        if (empty($post) || $post == null || $post == '') {
            //阻止微信接口反复回调接口  文档地址 https://pay.weixin.qq.com/wiki/doc/api/H5.php?chapter=9_7&index=7，下面这句非常重要!!!
            $str='<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
            echo $str;
            exit('Notify 非法回调');
        }

        /*****************微信回调返回数据样例*******************
        $post = '<xml>
        <return_code><![CDATA[SUCCESS]]></return_code>
        <return_msg><![CDATA[OK]]></return_msg>
        <appid><![CDATA[wx2421b1c4370ec43b]]></appid>
        <mch_id><![CDATA[10000100]]></mch_id>
        <nonce_str><![CDATA[IITRi8Iabbblz1Jc]]></nonce_str>
        <sign><![CDATA[7921E432F65EB8ED0CE9755F0E86D72F]]></sign>
        <result_code><![CDATA[SUCCESS]]></result_code>
        <prepay_id><![CDATA[wx201411101639507cbf6ffd8b0779950874]]></prepay_id>
        <trade_type><![CDATA[APP]]></trade_type>
        </xml>';
         *************************微信回调返回*****************/

        libxml_disable_entity_loader(true); //禁止引用外部xml实体

        $xml = simplexml_load_string($post, 'SimpleXMLElement', LIBXML_NOCDATA);//XML转数组

        $post_data = (array)$xml;

        /** 解析出来的数组
         *Array
         * (
         * [appid] => wx1c870c0145984d30
         * [bank_type] => CFT
         * [cash_fee] => 100
         * [fee_type] => CNY
         * [is_subscribe] => N
         * [mch_id] => 1297210301
         * [nonce_str] => gkq1x5fxejqo5lz5eua50gg4c4la18vy
         * [openid] => olSGW5BBvfep9UhlU40VFIQlcvZ0
         * [out_trade_no] => fangchan_588796
         * [result_code] => SUCCESS
         * [return_code] => SUCCESS
         * [sign] => F6890323B0A6A3765510D152D9420EAC
         * [time_end] => 20180626170839
         * [total_fee] => 100
         * [trade_type] => JSAPI
         * [transaction_id] => 4200000134201806265483331660
         * )
         **/
        //订单号
        $out_trade_no = isset($post_data['out_trade_no']) && !empty($post_data['out_trade_no']) ? $post_data['out_trade_no'] : 0;
        $order = $model->findData($out_trade_no,'order_num');

        if(!empty($order)){
            $company = $cmodel->findData($order['comid'],'id','mch_id,much_secret,wx_appid,wx_secret,is_son');
            if($company['is_son'] == 1){
                $cmmodel = new ConfigModel;
                $mch_secret = $cmmodel->findOne(['cname'=>'zh_mch_secret'],'cvalue');
                $wxpay_key = $mch_secret['cvalue'];
            }else{
                $wxpay_key = $company['much_secret'];
            }

            //接收到的签名
            $post_sign = $post_data['sign'];
            unset($post_data['sign']);

            //重新生成签名
            $newSign = $this->MakeSign($post_data,$wxpay_key);

            //签名统一，则更新数据库
            if($post_sign == $newSign){
                $updateData = array();
                $updateData['paytime'] = time(); //支付时间
                $updateData['status'] = 1; //订单状态
                $updateData['id'] = $order['id']; //订单状态
                $model->editData($updateData);
            }
        }
        //阻止微信接口反复回调接口  文档地址 https://pay.weixin.qq.com/wiki/doc/api/H5.php?chapter=9_7&index=7，下面这句非常重要!!!
        $str='<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
        echo $str;
    }

    function MakeSign($params,$key){
        //签名步骤一：按字典序排序数组参数
        ksort($params);
        $string = $this->ToUrlParams($params);  //参数进行拼接key=value&k=v
        //签名步骤二：在string后加入KEY
        $string = $string . "&key=".$key;
        //签名步骤三：MD5加密
        $string = md5($string);
        //签名步骤四：所有字符转为大写
        $result = strtoupper($string);
        return $result;
    }

    function ToUrlParams( $params ){
        $string = '';
        if( !empty($params) ){
            $array = array();
            foreach( $params as $key => $value ){
                $array[] = $key.'='.$value;
            }
            $string = implode("&",$array);
        }
        return $string;
    }
}